树莓派-搭建-GOGS+Drone

发表于 | 更新于 | 分类于

GOGS安装

建立git用户,默认gogs使用git用户作为默认用户

1
useradd git

去gogs官网下载,并解压和安装

1
2
3
4
cd /home/git
wget https://dl.gogs.io/0.12.3/gogs_0.12.3_linux_armv7.zip
unzip /home/git/gogs_0.12.3_linux_armv7.zip
chown -R git:git gogs/

修改自定义配置

1
vim gogs/custom/conf/app.ini

配置文件详情

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
BRAND_NAME = Gogs
RUN_USER   = git
RUN_MODE   = prod

[database]
TYPE     = mysql
HOST     = 127.0.0.1:3306
NAME     = gogs
USER     = xxx
PASSWORD = xxxxx
SSL_MODE = disable
PATH     = /home/git/gogs/data/gogs.db

[repository]
ROOT = /home/git/gogs-repositories	#仓库存放目录
# 全局默认的每个用户可创建创建仓库上限,-1 表示无限制
MAX_CREATION_LIMIT = -1
ENABLE_LOCAL_PATH_MIGRATION = true
# 强制所有仓库私有
FORCE_PRIVATE = false


[server]
DOMAIN           = x.x.x.x	#主机地址,可以是域名
HTTP_PORT        = 3000
EXTERNAL_URL     = http://x.x.x.x:3000/
DISABLE_SSH      = false
SSH_PORT         = 22
START_SSH_SERVER = false
OFFLINE_MODE     = false
ENABLE_GZIP      = true

[admin]
# 禁用普通用户创建组织
DISABLE_REGULAR_ORG_CREATION = false

[mailer]
ENABLED = false

[service]
# 注册必须邮箱验证
REGISTER_EMAIL_CONFIRM = false
# 发送邮件通知
ENABLE_NOTIFY_MAIL     = false
# 禁止用户注册,只能管理员创建
DISABLE_REGISTRATION   = false
# 注册时输入验证码
ENABLE_CAPTCHA         = true
# 必须登录才能浏览
REQUIRE_SIGNIN_VIEW    = false

[picture]
DISABLE_GRAVATAR        = false
ENABLE_FEDERATED_AVATAR = false

[session]
PROVIDER = file

[log]
MODE      = file
LEVEL     = Info
ROOT_PATH = /mnt/disk2/gogs/gogs-log	#日志目录

[security]
INSTALL_LOCK = true
SECRET_KEY   = LlJwlLRpBEqUvJu # 秘钥可以自己随机生成
# 记录登录天数
LOGIN_REMEMBER_DAYS = true
COOKIE_USERNAME = true
COOKIE_REMEMBER_NAME = true
REVERSE_PROXY_AUTHENTICATION_USER = true

[webhook]
TYPES = gogs
DELIVER_TIMEOUT = 300
SKIP_TLS_VERIFY = true
PAGING_NUM = true

[cron]
ENABLED = true

启动服务

1
2
3
sudo systemctl enable /home/git/gogs/scripts/systemd/gogs.service
sudo systemctl start gogs.service
sudo systemctl status gogs.service

drone安装

drone 分2个端,server和runner。每个client都装runner,不同服务安装不同的runner。比如:exec,要装drone-exec。docker安装docker-runner

安装server端

这里采用docker的方式,数据库还是用mysql

秘钥生成

1
LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 65 && echo

drone docker生成

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
docker run \
  --volume=/mnt/disk2/drone/data:/data \
  --env=DRONE_GIT_ALWAYS_AUTH=true \
  --env=DRONE_GIT_USERNAME=git \
  --env=DRONE_GIT_PASSWORD=git \
  --env=DRONE_GOGS=true \
  --env=DRONE_GOGS_SKIP_VERIFY=false \
  --env=DRONE_GOGS_SERVER=http://172.17.0.1:3000 \
  --env=DRONE_PROVIDER=gogs \
  --env=DRONE_RPC_SECRET=kywiXg4MtP9qKiKzGpldQ0ivb96m768z5uMqYbCGbexsRhIpm5tPIagQEbiE9D8pb \
  --env=DRONE_LOGS_COLOR=true \
  --env=DRONE_LOGS_DEBUG=true \
  --env=DRONE_WEBHOOK_SKIP_VERIFY=false \
  --env=DRONE_USER_CREATE=username:space,admin:true \
  --env=DRONE_DATABASE_DRIVER=mysql \
  --env=DRONE_DATABASE_DATASOURCE=root:密码@tcp\(172.17.0.1:3306\)/drone?parseTime=true \
  --env=DRONE_OPEN=true \
  --env=DRONE_SERVER_PROTO=http \
  --publish=9090:80 \
  --publish=9443:443 \
  --restart=always \
  --detach=true \
  --name=drone \
  --env=TZ=PRC \
  -h drone \
  drone/drone:2

DRONE_GOGS_SERVER #链接gogs服务
DRONE_RPC_SECRET 远程链接秘钥,通过秘钥gogs驱动各个部分。
DRONE_SERVER_PROTO 链接协议可以用https
安装后访问9090端口,登陆密码为gogs中账户的密码。

安装docker-runner端

秘钥需要与server相同

1
2
3
4
5
6
7
8
9
10
11
12
docker run -d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e DRONE_RPC_PROTO=http \
  -e DRONE_RPC_HOST={server端ip或域名}:80 \
  -e DRONE_RPC_SECRET=kywiXg4MtP9qKiKzGpldQ0ivb96m768z5uMqYbCGbexsRhIpm5tPIagQEbiE9D8pb \
  -e DRONE_RUNNER_CAPACITY=2 \
  -e DRONE_RUNNER_NAME=drone-runner \
  -p 4000:3000 \
  --restart always \
  --name drone-runner \
  --link=drone:drone \
  drone/drone-runner-docker:latest

runner的公共配置

DRONE_RPC_PROTO http协议,可以不需要加密
DRONE_RUNNER_CAPACITY 一次运行多个

安装exec-runer

下载安装

1
2
$ curl -L https://github.com/drone-runners/drone-runner-exec/releases/latest/download/drone_runner_exec_linux_arm.tar.gz | tar zx
$ sudo install -t /usr/local/bin drone-runner-exec

配置

1
vim /etc/drone-runner-exec/config
1
2
3
4
5
6
7
8
9
DRONE_RPC_PROTO=http
DRONE_DEBUG=true
DRONE_RPC_HOST={服务端网址或者IP}:9090
DRONE_RPC_SECRET=kywiXg4MtP9qKiKzGpldQ0ivb96m768z5uMqYbCGbexsRhIpm5tPIagQEbiE9D8pb
DRONE_LOG_FILE=/var/log/drone-runner-exec/log.txt
DRONE_RUNNER_CAPACITY=2
DRONE_PLATFORM_VARIANT=v7
DRONE_PLATFORM_ARCH=arm
DRONE_SECRET_PLUGIN_SKIP_VERIFY=false

启动&关闭

1
2
drone-runner-exec service stop
drone-runner-exec service start

安装ssh-runner

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#下载镜像
docker pull drone/drone-runner-ssh:latest

#安装
docker run -d \
  -e DRONE_RPC_PROTO=http \
  -e DRONE_RPC_HOST={服务端网址或者IP}:9090 \
  -e DRONE_RPC_SECRET=kywiXg4MtP9qKiKzGpldQ0ivb96m768z5uMqYbCGbexsRhIpm5tPIagQEbiE9D8pb \
  -e DRONE_TLS_AUTOCERT=false \
  -e DRONE_RUNNER_CAPACITY=10 \
  -e DRONE_SECRET_PLUGIN_SKIP_VERIFY=false \
  -e DRONE_PLATFORM_ARCH=arm \
  -e DRONE_PLATFORM_VARIANT=v7 \
  -p 4040:3000 \
  --restart always \
  --name drone-ssh \
  drone/drone-runner-ssh

安装docker-runner

1
2
3
4
5
6
7
8
9
10
11
12
docker run --detach \
--volume=/var/run/docker.sock:/var/run/docker.sock \
--env=DRONE_RPC_PROTO=http \
--env=DRONE_RPC_HOST={服务端网址或者IP}:9090 \
--env=DRONE_RPC_SECRET=kywiXg4MtP9qKiKzGpldQ0ivb96m768z5uMqYbCGbexsRhIpm5tPIagQEbiE9D8pb \
--env=DRONE_RUNNER_CAPACITY=10 \
--env=DRONE_RUNNER_NAME=6-docker-runner \
--env=DRONE_RUNNER_LABELS=nodeDev:runnerDev \
--publish=3000:3000 \
--restart=always \
--name=drone-docker-runner \
drone/drone-runner-docker:1.8-linux-arm

启动顺序

  1. gogs
  2. drone
  3. drone-exec

总要注意

gogs的webhook,只适用于http提交方式。所以ssh的提交是无法触发的